In response to Congress' request for additional information, the Federal Retirement Thrift Investment Board has changed its story about how it found out about a July 2011 breach affecting its Thrift Savings Plan.
Today's enterprises and government agencies are faced with advanced persistent threats (APTs). These attacks often use social engineering and other techniques to gain a beachhead on corporate networks. From there they probe and use "privilege escalation" to gain access to high-value information and then use stealthy...
Nearly three-quarters of surveyed professionals say concerns regarding data security prevent their organizations from adopting cloud services. And more than half of the respondents say their own services are more secure than those offered by cloud providers.
These are among the findings of the new 2012 Cloud...
What do the proposed Stage 2 rules for the HITECH Act electronic health record incentive program have to say about encryption and other security measures? Consumer advocate Deven McGraw provides an analysis.
The FTC proposes that privacy protections be built at every stage in developing online products and consumers be given the option to decide what information is shared about them and with whom through a do-not-track system.
Hacking is behind most large-scale data breaches. What steps can organizations and leaders take to safeguard their information post-attack? Karen Barney of the Identity Theft Resource Center offers advice.
Consumer advocate Deven McGraw describes what she likes and doesn't like about the privacy and security provisions in the proposed rules for Stage 2 of the HITECH Act electronic health record incentive program.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.
NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.